Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Guard all the places that ant sets the security manager #1662

Merged
merged 2 commits into from
Dec 17, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ant/org.eclipse.ant.launching/META-INF/MANIFEST.MF
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ Bundle-ManifestVersion: 2
Bundle-Localization: plugin
Bundle-Name: %pluginName
Bundle-SymbolicName: org.eclipse.ant.launching;singleton:=true
Bundle-Version: 1.4.600.qualifier
Bundle-Version: 1.4.700.qualifier
Bundle-Activator: org.eclipse.ant.internal.launching.AntLaunching
Require-Bundle: org.eclipse.core.runtime;bundle-version="[3.29.0,4.0.0)",
org.eclipse.debug.core;bundle-version="[3.12.0,4.0.0)",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@
import org.apache.tools.ant.Task;
import org.apache.tools.ant.TaskAdapter;
import org.apache.tools.ant.util.FileUtils;
import org.apache.tools.ant.util.JavaEnvUtils;
import org.eclipse.ant.internal.launching.remote.logger.RemoteAntBuildLogger;

/**
Expand All @@ -58,6 +59,17 @@
*/
public class InternalAntRunner {

private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed();

private static boolean isSecurityManagerAllowed() {
String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$
if (sm == null) { // default is 'disallow' since 18 and was 'allow' before
return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we require Java 21 now it might be obsolete?!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These tests are failing when running with Java 21. Just because the IDE requires Java 21 doesn't mean an ant task requires Java 21 or even the Eclipse ant bundles for that matter.

Anyway, it's a copy of this already-committed code:

private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed();
private static boolean isSecurityManagerAllowed() {
String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$
if (sm == null) { // default is 'disallow' since 18 and was 'allow' before
return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$
}
// Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set
return !"disallow".equals(sm); //$NON-NLS-1$
}

}
// Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set
return !"disallow".equals(sm); //$NON-NLS-1$
}

/**
* Message priority for project help messages.
*/
Expand Down Expand Up @@ -443,7 +455,9 @@ private void run(List<String> argList) {
printArguments(getCurrentProject());
}
try {
System.setSecurityManager(new AntSecurityManager(originalSM, Thread.currentThread()));
if (IS_SECURITY_MANAGER_SUPPORTED) {
System.setSecurityManager(new AntSecurityManager(originalSM, Thread.currentThread()));
}
}
catch (UnsupportedOperationException ex) {
logMessage(null, RemoteAntMessages.getString("InternalAntRunner.SecurityManagerError"), Project.MSG_WARN); //$NON-NLS-1$
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@
import org.apache.tools.ant.Task;
import org.apache.tools.ant.TaskAdapter;
import org.apache.tools.ant.UnknownElement;
import org.apache.tools.ant.util.JavaEnvUtils;
import org.eclipse.ant.core.AntCorePlugin;
import org.eclipse.ant.core.AntCorePreferences;
import org.eclipse.ant.core.AntSecurityException;
Expand Down Expand Up @@ -89,6 +90,17 @@
@SuppressWarnings("removal") // SecurityManager
public class AntModel implements IAntModel {

private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed();

private static boolean isSecurityManagerAllowed() {
String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$
if (sm == null) { // default is 'disallow' since 18 and was 'allow' before
return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$
}
// Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set
return !"disallow".equals(sm); //$NON-NLS-1$
}

private static ClassLoader fgClassLoader;
private static int fgInstanceCount = 0;
private static Object loaderLock = new Object();
Expand Down Expand Up @@ -363,8 +375,10 @@ private void parseDocument(IDocument input) {
SecurityManager origSM = System.getSecurityManager();
processAntHome(true);
try {
// set a security manager to disallow system exit and system property setting
System.setSecurityManager(new AntSecurityManager(origSM, Thread.currentThread(), false));
if (IS_SECURITY_MANAGER_SUPPORTED) {
// set a security manager to disallow system exit and system property setting
System.setSecurityManager(new AntSecurityManager(origSM, Thread.currentThread(), false));
}
resolveBuildfile();
endReporting();
// clear the additional property-holder(s) to avoid potential memory leaks
Expand All @@ -379,7 +393,9 @@ private void parseDocument(IDocument input) {
finally {
Thread.currentThread().setContextClassLoader(originalClassLoader);
getClassLoader(null);
System.setSecurityManager(origSM);
if (System.getSecurityManager() instanceof AntSecurityManager) {
System.setSecurityManager(origSM);
}
project.fireBuildFinished(null); // cleanup (IntrospectionHelper)
}
}
Expand Down Expand Up @@ -550,9 +566,7 @@ private void setGlobalProperties(Project project) {

private void resolveBuildfile() {
Collection<AntTaskNode> nodeCopy = new ArrayList<>(fTaskNodes);
Iterator<AntTaskNode> iter = nodeCopy.iterator();
while (iter.hasNext()) {
AntTaskNode node = iter.next();
for (AntTaskNode node : nodeCopy) {
fNodeBeingResolved = node;
fNodeBeingResolvedIndex = -1;
if (node.configure(false)) {
Expand Down Expand Up @@ -1439,10 +1453,8 @@ private void reconcileTaskAndTypes() {
if (fCurrentNodeIdentifiers == null || fDefinerNodeIdentifierToDefinedTasks == null) {
return;
}
Iterator<String> iter = fDefinerNodeIdentifierToDefinedTasks.keySet().iterator();
ComponentHelper helper = ComponentHelper.getComponentHelper(fProjectNode.getProject());
while (iter.hasNext()) {
String key = iter.next();
for (String key : fDefinerNodeIdentifierToDefinedTasks.keySet()) {
if (fCurrentNodeIdentifiers.get(key) == null) {
removeDefinerTasks(key, helper.getAntTypeTable());
}
Expand Down Expand Up @@ -1579,9 +1591,7 @@ public AntElementNode getReferenceNode(String text) {
}

Set<Task> nodes = fTaskToNode.keySet();
Iterator<Task> iter = nodes.iterator();
while (iter.hasNext()) {
Task task = iter.next();
for (Task task : nodes) {
Task tmptask = task;
if (tmptask instanceof UnknownElement) {
UnknownElement element = (UnknownElement) tmptask;
Expand Down Expand Up @@ -1720,9 +1730,7 @@ protected void addDefinedTasks(List<String> newTasks, AntDefiningTaskNode node)
fCurrentNodeIdentifiers.remove(identifier);
}
fDefinerNodeIdentifierToDefinedTasks.put(identifier, newTasks);
Iterator<String> iter = newTasks.iterator();
while (iter.hasNext()) {
String name = iter.next();
for (String name : newTasks) {
fTaskNameToDefiningNode.put(name, node);
}
}
Expand Down Expand Up @@ -1800,9 +1808,7 @@ private String getPrefixMapping(String prefix) {
private String getUserPrefixMapping(String prefix) {
if (fNamespacePrefixMappings != null) {
Set<Entry<String, String>> entrySet = fNamespacePrefixMappings.entrySet();
Iterator<Entry<String, String>> entries = entrySet.iterator();
while (entries.hasNext()) {
Map.Entry<String, String> entry = entries.next();
for (Entry<String, String> entry : entrySet) {
if (entry.getValue().equals(prefix)) {
return entry.getKey();
}
Expand Down
Loading